Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | CVE-2024-29895 PoC - Exploiting remote command execution in Cacti servers using the 1.3.X DEV branch builds | https://github.com/Stuub/CVE-2024-29895-CactiRCE-PoC | POC Details |
| 2 | Cacti CVE-2024-29895 POC | https://github.com/secunnix/CVE-2024-29895 | POC Details |
| 3 | None | https://github.com/ticofookfook/CVE-2024-29895.py | POC Details |
| 4 | CVE-2024-29895 | RCE on CACTI 1.3.X dev | https://github.com/Rubioo02/CVE-2024-29895 | POC Details |
| 5 | CVE-2024-29895-CactiRCE-PoC , RCE, POC, CVE-2024-29895 | https://github.com/nancyariah4/CVE-2024-29895-CactiRCE-PoC | POC Details |
| 6 | Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when `register_argc_argv` option of PHP is `On`. In `cmd_realtime.php` line 119, the `$poller_id` used as part of the command execution is sourced from `$_SERVER['argv']`, which can be controlled by URL when `register_argc_argv` option of PHP is `On`. And this option is `On` by default in many environments such as the main PHP Docker image for PHP. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-29895.yaml | POC Details |
| 7 | CVE-2024-29895 | RCE on CACTI 1.3.X dev | https://github.com/apaz-dev/CVE-2024-29895 | POC Details |
No public POC found.
Login to generate AI POCNo comments yet